Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/opqtJXpMhwaWJl8d0oj0CectHOw.roa
File: opqtJXpMhwaWJl8d0oj0CectHOw.roa (raw, json)
Hash identifier: qo1tf1KmSbynJhrjd3rY7aIj7KVcOpmHEyTCyzxzF2A=
Subject key identifier: A2:9A:AD:25:7A:4C:87:06:96:26:5F:1D:D2:88:F4:09:E7:2D:1C:EC
Certificate issuer: /CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
Certificate serial: 05ABACF4
Authority key identifier: D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/opqtJXpMhwaWJl8d0oj0CectHOw.roa
Signing time: Wed 23 Mar 2022 10:56:40 +0000
ROA not before: Wed 23 Mar 2022 10:56:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29695
IP address blocks: 195.43.60.0/22 maxlen: 22
2001:678:f0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95137012 (0x5abacf4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
Validity
Not Before: Mar 23 10:56:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a29aad257a4c870696265f1dd288f409e72d1cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e1:74:25:f8:6b:b2:42:22:83:69:1b:e2:a8:
77:65:7e:98:1e:7c:33:a6:ec:92:73:43:58:af:e1:
61:d1:3c:f8:4e:7e:5d:9a:33:f2:7a:0a:42:34:00:
0f:a4:25:f6:09:2c:3e:f5:fb:6d:37:35:19:80:05:
09:af:ea:18:ab:ec:68:8c:48:48:d1:7e:4d:93:4d:
4b:f7:ec:e7:dc:06:e1:5c:c2:6d:c2:6c:a2:98:17:
34:5b:6c:b4:7f:7f:5e:30:c1:a7:64:d0:76:d3:2e:
9e:e0:a0:ff:8d:42:8b:0f:86:79:77:4d:44:00:26:
34:08:2c:99:da:40:6a:80:96:43:10:c5:2a:e9:7d:
60:7e:96:f5:00:9e:2d:e2:9a:0b:e6:9a:3b:3e:62:
37:7f:30:29:69:3d:bb:b6:4f:8d:d8:ea:29:75:bf:
19:94:b4:a8:a9:f4:2e:b8:64:0b:ed:ec:72:53:b2:
fe:89:8e:30:a1:e0:2d:55:db:56:c4:32:f6:82:c1:
cf:5e:9f:aa:46:25:40:7d:14:c1:ce:e2:dd:d5:4f:
22:d1:93:c5:91:d9:19:89:0d:f0:1f:2d:8d:d6:e3:
3c:07:d2:ff:e2:1a:2a:d9:b2:55:59:17:3d:a4:e6:
dc:1d:04:e9:b6:79:63:26:c9:24:5a:56:ad:f1:c8:
08:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9A:AD:25:7A:4C:87:06:96:26:5F:1D:D2:88:F4:09:E7:2D:1C:EC
X509v3 Authority Key Identifier:
keyid:D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/opqtJXpMhwaWJl8d0oj0CectHOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.60.0/22
IPv6:
2001:678:f0::/48
Signature Algorithm: sha256WithRSAEncryption
30:cd:c0:ad:94:56:fb:af:ff:d8:ff:36:35:b2:7a:59:f8:3b:
e3:84:b3:2f:62:84:f8:52:f4:55:70:60:d4:ed:c7:20:83:f5:
9b:fe:59:fa:cd:b5:6e:17:da:9e:b4:c4:76:94:0f:89:d9:fe:
ef:21:ba:28:53:5c:17:b9:4f:38:5f:e2:b5:cb:83:ac:f9:3d:
30:4d:18:c7:f6:ad:95:18:77:19:47:8a:d8:62:ed:9a:95:86:
31:70:d7:52:c9:a5:e8:f3:b8:68:70:39:65:5d:e9:0b:09:3c:
87:a6:5b:c1:cc:49:87:91:ec:89:0e:b7:cf:59:52:42:a5:50:
ed:c8:55:43:41:7b:4c:33:b4:91:6c:2e:54:80:27:bf:d5:17:
60:b3:0d:6f:f0:60:ba:2a:01:96:f6:43:c0:fa:97:57:41:de:
68:65:70:14:2f:69:36:86:f6:a2:65:02:70:ce:dd:dd:6c:52:
f1:54:78:a1:6a:c1:65:ca:16:76:1c:51:69:92:7f:54:a0:86:
18:09:53:a9:15:54:67:0c:43:bf:d2:7c:d7:59:fd:41:c6:f9:
76:c7:b1:19:c3:41:1d:d6:16:51:5a:f3:bf:a3:eb:5d:a1:39:
6f:12:0e:13:65:28:a4:fd:c4:f2:11:9c:f3:14:80:0d:8a:59:
2c:99:d7:07
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEBaus9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODFjZjFhYWMyMWFhNTgyM2IwMTlkZTkxYWVlZWMyM2UzZTUyNmRiMB4XDTIyMDMy
MzEwNTY0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTI5YWFkMjU3YTRj
ODcwNjk2MjY1ZjFkZDI4OGY0MDllNzJkMWNlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM3hdCX4a7JCIoNpG+Kod2V+mB58M6bsknNDWK/hYdE8+E5+
XZoz8noKQjQAD6Ql9gksPvX7bTc1GYAFCa/qGKvsaIxISNF+TZNNS/fs59wG4VzC
bcJsopgXNFtstH9/XjDBp2TQdtMunuCg/41Ciw+GeXdNRAAmNAgsmdpAaoCWQxDF
Kul9YH6W9QCeLeKaC+aaOz5iN38wKWk9u7ZPjdjqKXW/GZS0qKn0LrhkC+3sclOy
/omOMKHgLVXbVsQy9oLBz16fqkYlQH0Uwc7i3dVPItGTxZHZGYkN8B8tjdbjPAfS
/+IaKtmyVVkXPaTm3B0E6bZ5YybJJFpWrfHICM0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSimq0lekyHBpYmXx3SiPQJ5y0c7DAfBgNVHSMEGDAWgBTYHPGqwhqlgjsB
neka7uwj4+Um2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJCenhxc0lhcFlJN0FaM3BHdTdzSS1QbEp0cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGIvYjhhNmE0LWY3ZWEtNGFmZS1iNjBmLTljMGRlMzY1MjczOC8x
L29wcXRKWHBNaHdhV0psOGQwb2owQ2VjdEhPdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGIv
YjhhNmE0LWY3ZWEtNGFmZS1iNjBmLTljMGRlMzY1MjczOC8xLzJCenhxc0lhcFlJ
N0FaM3BHdTdzSS1QbEp0cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAsMrPDAPBAIAAjAJAwcAIAEGeADw
MA0GCSqGSIb3DQEBCwUAA4IBAQAwzcCtlFb7r//Y/zY1snpZ+DvjhLMvYoT4UvRV
cGDU7ccgg/Wb/ln6zbVuF9qetMR2lA+J2f7vIbooU1wXuU84X+K1y4Os+T0wTRjH
9q2VGHcZR4rYYu2alYYxcNdSyaXo87hocDllXekLCTyHplvBzEmHkeyJDrfPWVJC
pVDtyFVDQXtMM7SRbC5UgCe/1Rdgsw1v8GC6KgGW9kPA+pdXQd5oZXAUL2k2hvai
ZQJwzt3dbFLxVHihasFlyhZ2HFFpkn9UoIYYCVOpFVRnDEO/0nzXWf1Bxvl2x7EZ
w0Ed1hZRWvO/o+tdoTlvEg4TZSik/cTyEZzzFIANilksmdcH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:34 2023 by rpki-client on console-fra.rpki-client.org